
Firewall in Linux - Essay Example


Extract of sample
Firewall in Linux

It is often referred to as a packet filter as it examines each packet transferred in every network connection to, from, and within your computer. iptables replaced ipchains in the 2.4 kernel and added many new features including connection tracking (also known as stateful packet filtering).1
This means that the firewall is configured to "deny all connections" by default, and the only way to establish a connection between two points or two entities is to explicitly add new rules for them.
The term "INPUT" refers to any packet that is coming to this computer; "OUTPUT" means any packet that is generated by this computer and is leaving it. The term "FORWARD" refers to packets that arrive from another computer but whose final destination is a different computer; in that case this computer is only used to transit the packets between two other computers. The term "DROP" means that "the packet is not allowed through the firewall and the sender of the packet is not notified."2
In our firewall rule set, as you have seen above in section one, all incoming and outgoing packets are dropped unless we add new rules that explicitly allow them. We have allowed the system to use only one connection by naming only one interface, "eth0", in the rules, as follows:
# allow connections to my DNS servers
-A OUTPUT -d 2.3.4.11 -m state --state NEW -p udp --dport 53 -o eth0 -j ACCEPT

# allow outgoing connections to web servers
-A OUTPUT -d 0/0 -m state --state NEW -p tcp --dport http -o eth0 -j ACCEPT
-A OUTPUT -m state --state NEW -p tcp --dport https -o eth0 -j ACCEPT

# allow outgoing mail connections to my ISP's SMTP and POP3 server only
-A OUTPUT -d 2.3.4.5 -m state --state NEW -p tcp --dport smtp -o eth0 -j ACCEPT
-A OUTPUT -d 2.3.4.5 -m state --state NEW -p tcp --dport pop3 -o eth0 -j ACCEPT

As you can see, the rules above allow the system DNS access and access to web pages (http) and secure web pages (https).
3. The machine runs ssh and telnet.
In order to add these rules, we need to add the following lines to our firewall rule set:
# The machine runs SSH and TELNET
# ($EXTIF and the TCPACCEPT chain are not defined in this extract)
-A INPUT -i $EXTIF -p tcp --dport 22 -j TCPACCEPT
-A INPUT -i $EXTIF -p tcp --dport 23 -j TCPACCEPT

4. The apache user should not be allowed to surf the web.
# Do not allow incoming or outgoing connections to web servers for apache (2.3.4.6)
# (the INPUT chain only accepts an input interface, so -i is used there)
-A INPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport http -i eth0 -j REJECT
-A INPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport https -i eth0 -j REJECT
-A OUTPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport http -o eth0 -j REJECT
-A OUTPUT -d 2.3.4.6 -m state --sta ...
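
The four requirements discussed above, assembled into one loadable rule set; this is an added example, not the essay's own rules. It assumes "the apache user" is a local account named apache (matched with the owner module rather than by address) and adds ESTABLISHED,RELATED rules so that replies to permitted connections are not dropped by the default policy.

```shell
#!/bin/sh
# Added example, not part of the original essay.
# From the essay: interface eth0, DNS server 2.3.4.11, mail server 2.3.4.5.
# Assumptions: a local account named "apache"; the loopback and
# ESTABLISHED,RELATED rules, which the extract does not show.

emit_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Local traffic, and replies belonging to connections allowed below.
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Requirement 4 goes first: rules are matched top-down, so the reject for
# the web server account must precede the general web accept.
-A OUTPUT -o eth0 -p tcp -m owner --uid-owner apache -m multiport --dports 80,443 -j REJECT
# DNS lookups to the named resolver only.
-A OUTPUT -d 2.3.4.11 -o eth0 -p udp --dport 53 -m state --state NEW -j ACCEPT
# Outgoing web connections for every other account.
-A OUTPUT -o eth0 -p tcp -m multiport --dports 80,443 -m state --state NEW -j ACCEPT
# Outgoing mail (SMTP, POP3) to the ISP's server only.
-A OUTPUT -d 2.3.4.5 -o eth0 -p tcp -m multiport --dports 25,110 -m state --state NEW -j ACCEPT
# Requirement 3: inbound SSH and telnet.
-A INPUT -i eth0 -p tcp -m multiport --dports 22,23 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Loading needs root and replaces the current filter table.
if [ "${1:-}" = "--apply" ]; then
    emit_ruleset | iptables-restore
fi
```

Piping `emit_ruleset` into `iptables-restore --test` parses the rules without committing them.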

Summary

In this paper, we give a short introduction to firewalls in Linux-based systems. We discuss how iptables can be used to set firewall rules in a Linux environment, and we work toward an iptables firewall definition for a system that requires some special settings…
Author : mandyhowe
